Confessions of the QSA: An Introduction to the Payment Card Industry Data Security Standard

 

As most in the industry know, a QSA must get certified by the PCI Security Standards Security Council to audit merchants for Payment Card Industry Data Security Standard (PCI DSS) compliance. Created in 2004 by major credit card brands, such as Visa and American Express, the council acts as a form of self-regulation.

So, how did Weaver become an expert on PCI, and what types of solutions does it offer its clients?

On this episode of Weaver: Beyond The Numbers, host Tyler Kern talked with Trip Hillman, Director of Cyber Security Services at Weaver, and Kyle Morris, Manager of IT at Advisory Services at Weaver. The trio dug into insights from Weaver’s Quality Security Assessor and explored how Weaver dove headfirst into PCI.

The PCI DSS applies to organizations that store, process, transmit or could affect the security of cardholder data. Companies that fall under this standard could do a variety of things, such as an annual self-assessment questionnaire, or bring in a third-party, independent QSA to do a full-blown report on compliance audit.

Morris is a QSA and started at Weaver about eight years ago. A few years into his career, they had a client, a service provider, start getting asked by their customers if they knew anything about PCI and the report on compliance. At the time, they hadn’t done anything with it, but decided to figure it out. That morphed into Weaver diving headfirst into PCI.

“We help people with self-assessment questionnaires or SAQs and everything from full-on ROCs for Fortune 50 Cloud Providers to small merchants to SaaS solutions,” Morris said.

Follow us on social media for the latest updates in B2B!

Image

Latest

future of healthcare
Leading Through Change: Dr. Kevin Stevenson on Workforce, Innovation, and the Future of Healthcare
October 1, 2025

Healthcare is at a critical turning point, where staffing pressures, shrinking reimbursements, and rising patient expectations are reshaping the future of healthcare. According to the AACN Nursing Workforce Fact Sheet, the federal government projects more than 203,000 new registered nurse positions will be created annually from 2021 to 2031, reflecting high demand from an…

Read More
Non-traditional students
Holistic Support in Higher Ed: Why Non-Traditional Students Need More Than Just Financial Aid
October 1, 2025

Non-traditional students—adult learners, student parents, veterans, and first-generation college-goers—are carrying heavier burdens than ever. Upswing’s 2024 Ana Insights Report found that nearly nine in ten students intended to complete a FAFSA application, while many also sought help with essentials like food, housing, and bill payments. Perhaps most concerning, students expressed declining confidence in higher…

Read More
EAA AirVenture
@EAA AirVenture 2025 – Lori Barger & Larry Schaack Talk Communication & Safety
October 1, 2025

Nestled in the shaded quiet of Oshkosh’s Seaplane Base, there exists a side of EAA AirVenture that many attendees never see. Unlike the bustling main grounds, the Seaplane Base operates for just one week each year, transforming from an unused shoreline into a hub of aviation activity. It takes hundreds of volunteers and days of…

Read More
Seaplanes
Jim Zirbel at @EAA AirVenture 2025 | Keeping Seaplanes Connected & Safe
October 1, 2025

At the heart of EAA AirVenture 2025, the Seaplane Base offers a unique glimpse into aviation’s most delicate dance—where water and air meet. Unlike traditional runways, this floating airfield demands a constant balance of precision, coordination, and communication. Here, pilots don’t just rely on their own skill; they depend on an entire team of volunteers…

Read More